Can local storage ever be considered secure

Question

I m required to develop a web application that will function offline for long periods  In order for this to be viable I cannot avoid saving sensitive data  personal data but not the kind of data you would only store hashed  in local storage    I accept that this is not recommended practice  but given little choice I m doing the following to secure the data    encyrypting everything going into local storage using the stanford javascript crypto library and AES-256 the user password is the encryption key and is not stored on the device serving all content  when online  from a single trusted server over ssl validating all data going to and from local storage on the server using owasp antisamy project in the network section of the appcache  not using    and instead listing only the URIs required for connection with the trusted server in general trying to apply the guidelines suggested in the OWASP XSS cheat sheet   I appreciate that the devil is often in the detail  and know there is a lot of scepticism about local storage and javascript-based security in general  Can anyone comment on whether there are    fundamental flaws in the above approach  any possible solutions for such flaws  any better way to secure local storage when an html 5 application must function offline for long periods    Thanks for any help

User · Answer

Not accessible to any webpage  true  but is easily accessible and easily editible via dev tools  such as chrome  ctl-shift-J    Therefore  custom crypto required before storing the value     But  if javascript needs to decrypt  to validate  then the decrypt algorithm is exposed and can be manipulated   Javascript needs a fully secure container and the ability to properly implement private variables and functions that are available only to the js interpreter   But  this violates user security - since tracking data can be used with impunity   Consequently  javascript will never be fully secure

User · Answer

Well  the basic premise here is  no  it is not secure yet   Basically  you can t run crypto in JavaScript  JavaScript Crypto Considered Harmful   The problem is that you can t reliably get the crypto code into the browser  and even if you could  JS isn t designed to let you run it securely  So until browsers have a cryptographic container  which Encrypted Media Extensions provide  but are being rallied against for their DRM purposes   it will not be possible to do securely   As far as a  Better way   there isn t one right now  Your only alternative is to store the data in plain text  and hope for the best  Or don t store the information at all  Either way   Either that  or if you need that sort of security  and you need local storage  create a custom application

User · Answer

No   localStorage is accessible by any webpage  and if you have the key  you can change whatever data you want   That being said  if you can devise a way to safely encrypt the keys  it doesn t matter how you transfer the data  if you can contain the data within a closure  then the data is  somewhat  safe

User · Answer

As an exploration of this topic  I have a presentation titled  Securing TodoMVC Using the Web Cryptography API   video  code     It uses the Web Cryptography API to store the todo list encrypted in localStorage by password protecting the application and using a password derived key for encryption  If you forget or lose the password  there is no recovery    Disclaimer - it was a POC and not intended for production use    As the other answers state  this is still susceptible to XSS or malware installed on the client computer   However  any sensitive data would also be in memory when the data is stored on the server and the application is in use   I suggest that offline support may be the compelling use case   In the end  encrypting localStorage probably only protects the data from attackers that have read only access to the system or its backups   It adds a small amount of defense in depth for OWASP Top 10 item A6-Sensitive Data Exposure  and allows you to answer  Is any of this data stored in clear text long term   correctly

User · Answer

WebCrypto  The concerns with cryptography in client-side  browser  javascript are detailed below  All but one of these concerns does not apply to the WebCrypto API  which is now reasonably well supported   For an offline app  you must still design and implement a secure keystore   Aside  If you are using Node js  use the builtin crypto API   Native-Javascript Cryptography  pre-WebCrypto   I presume the primary concern is someone with physical access to the computer reading the localStorage for your site  and you want cryptography to help prevent that access   If someone has physical access you are also open to attacks other and worse than reading  These include  but are not limited to   keyloggers  offline script modification  local script injection  browser cache poisoning  and DNS redirects  Those attacks only work if the user uses the machine after it has been compromised  Nevertheless  physical access in such a scenario means you have bigger problems   So keep in mind that the limited scenario where local crypto is valuable would be if the machine is stolen   There are libraries that do implement the desired functionality  e g  Stanford Javascript Crypto Library  There are inherent weaknesses  though  as referred to in the link from  ircmaxell s answer     Lack of entropy   random number generation  Lack of a secure keystore i e  the private key must be password-protected if stored locally  or stored on the server  which bars offline access   Lack of secure-erase  Lack of timing characteristics    Each of these weaknesses corresponds with a category of cryptographic compromise  In other words  while you may have  crypto  by name  it will be well below the rigour one aspires to in practice   All that being said  the actuarial assessment is not as trivial as  Javascript crypto is weak  do not use it   This is not an endorsement  strictly a caveat and it requires you to completely understand the exposure of the above weaknesses  the frequency and cost of the vectors you face  and your capacity for mitigation or insurance in the event of failure  Javascript crypto  in spite of its weaknesses  may reduce your exposure but only against thieves with limited technical capacity  However  you should presume Javascript crypto has no value against a determined and capable attacker who is targeting that information  Some would consider it misleading to call the data  encrypted  when so many weaknesses are known to be inherent to the implementation  In other words  you can marginally decrease your technical exposure but you increase your financial exposure from disclosure  Each situation is different  of course - and the analysis of reducing the technical exposure to financial exposure is non-trivial  Here is an illustrative analogy  Some banks require weak passwords  in spite of the inherent risk  because their exposure to losses from weak passwords is less than the end-user costs of supporting strong passwords     If you read the last paragraph and thought  Some guy on the Internet named Brian says I can use Javascript crypto   do not use Javascript crypto   For the use case described in the question it would seem to make more sense for users to encrypt their local partition or home directory and use a strong password  That type of security is generally well tested  widely trusted  and commonly available

User · Answer

This is a really interesting article here   I m considering implementing JS encryption for offering security when using local storage   It s absolutely clear that this will only offer protection if the device is stolen  and is implemented correctly    It won t offer protection against keyloggers etc   However this is not a JS issue as the keylogger threat is a problem of all applications  regardless of their execution platform  browser  native    As to the article  JavaScript Crypto Considered Harmful  referenced in the first answer  I have one criticism  it states  You could use SSL TLS to solve this problem  but that s expensive and complicated   I think this is a very ambitious claim  and possibly rather biased    Yes  SSL has a cost  but if you look at the cost of developing native applications for multiple OS  rather than web-based due to this issue alone  the cost of SSL becomes insignificant   My conclusion - There is a place for client-side encryption code  however as with all applications the developers must recognise it s limitations and implement if suitable for their needs  and ensuring there are ways of mitigating it s risks

[html] Can local storage ever be considered secure?

Examples related to html

Examples related to security

Examples related to local-storage

Examples related to html5-appcache